Solved! Use COFFEE BEAN.EXE (Worm Autorun) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

COFFEE BEAN.EXE – Worm Autorun removal

File MD5 Virus Alias
COFFEE BEAN.EXE 8b3dd302f1c088be7d5f318538dc0d13 Worm Autorun
COFFEE BEAN.EXE 8b3dd302f1c088be7d5f318538dc0d13 Trojan Generic
COFFEE BEAN.EXE 8b3dd302f1c088be7d5f318538dc0d13 Trojan Siggen
COFFEE BEAN.EXE 8b3dd302f1c088be7d5f318538dc0d13 Trojan Agent

COFFEE BEAN.EXE size: 83812 bytes
COFFEE BEAN.EXE hash: 8B3DD302F1C088BE7D5F318538DC0D13

Created files:

C:\FOUND.007.exe
C:\Msvbvm60.dll
%WinDir%\AE 0124 BE.exe
%WinDir%\Blue Lace 16.exe
%WinDir%\Coffee Bean.exe
%WinDir%\explorer.exe
%WinDir%\explorer.scf
%WinDir%\FeatherTexture.exe
%WinDir%\Gone Fishing.exe
%WinDir%\Greenstone.exe
%WinDir%\hh.exe
%WinDir%\imsins.BAK
%WinDir%\Msvbvm60.dll
%WinDir%\NOTEPAD.EXE
%WinDir%\Prairie Wind.exe
%WinDir%\regedit.exe
%WinDir%\REGLOCS.OLD
%WinDir%\Rhododendron.exe
%WinDir%\River Sumida.exe
%WinDir%\Santa Fe Stucco.exe
%WinDir%\Soap Bubbles.exe
%SysDir%\drivers\Msvbvm60.dll
%SysDir%\drivers\winlogon.exe
%SysDir%\Msvbvm60.dlll
%WinDir%\TASKMAN.EXE
D:\FOUND.007.exe
D:\Msvbvm60.dll

Detected by UnHackMe:

COFFEE BEAN.EXE
Default location: %WinDir%\COFFEE BEAN.EXE

Dropper information:
MD5: 5f860c051302ca649cafc5a18e5ca280
File size: 134689 bytes

Leave a Reply